Systems and methods for programming a credential reader

ABSTRACT

A credential reader update system includes a server operable to provide a credential reader update via a cellular telephone interface, and a plurality of credential readers. Each credential reader communicates with a presented credential at a credential reader frequency, wherein each credential reader has a credential reader interface having a range. A portable update device is movable into and out of the range, and is operable to receive the credential reader update via the cellular telephone interface. A credential reader update application is included in the portable update device, and is operable to uniquely identify the particular credential reader to be updated. The portable update device transfers the credential reader update to the credential reader via the credential reader interface, and the credential reader update includes firmware instructions that cause the credential reader to perform communications with the presented credential at a second frequency different than the credential reader frequency.

BACKGROUND

The present invention is related to radio frequency identification(RFID) readers, and more particularly, to systems and methods forupdating an RFID reader using a mobile credential.

RFID readers are capable of reading a credential presented within adefined proximity of the RFID reader. Such a credential read may be usedas the basis of, for example, allowing access or another operationrequiring identification. In many cases it is not possible to modify aninstalled RFID reader, while in other cases, any modification is bothcostly and time consuming. Such modifications may require, for example,physically opening the RFID reader and replacing an internal read onlymemory maintaining firmware instructions. As another example, updatingan RFID reader may include replacing a current RFID reader with a newmodel. While these approaches provide an ability to update or upgrade acurrently installed RFID reader, they are often unacceptably cumbersomeand costly.

Hence, for at least the aforementioned reasons, there exists a need inthe art for advanced systems and methods for updating RFID readers.

SUMMARY

The present invention is related to radio frequency identification(RFID) readers, and more particularly, to systems and methods forupdating an RFID reader using a mobile credential.

Various embodiments of the present invention provide portable updatedevices. Such portable update devices include a cellular telephoneinterface, a processor, an nfc interface, and a memory. The memoryincludes instructions executable by the processor to: store an RFIDreader update received via the cellular telephone interface to thememory, receive an indication from the nfc interface indicating that itis receiving communications from an RFID reader, access the RFID readerupdate from the memory, and transfer the RFID reader update to the RFIDreader via the nfc interface. In some instances of the aforementionedembodiments, the nfc interface operates at 13.56 MHz and the memory is anon-volatile memory.

Other embodiments of the present invention provide methods for updatingan RFID reader. Such methods include transferring an RFID reader updateto a portable update device via a wireless communication link. Theportable update device is moved within proximity of the RFID reader thatdetects the presence of the portable update device. The RFID readerupdate is transferred to the RFID reader. The RFID reader updatemodifies operation of the RFID reader. In some instances of theaforementioned embodiments, the RFID reader update causes a change in anauthorization code of the RFID reader. As such, a different set ofcredentials are authorized to the RFID reader. As some examples, theRFID reader may be used to authorize access via an access point or aspart of a point of sale device.

In particular instances of the aforementioned embodiments, the portableupdate device is a cellular telephone that supports near fieldcommunication. In some such instances, the near field communication areused to transfer the RFID reader update to the RFID reader using aprogramming frequency and protocol recognized by the RFID reader.

Where the RFID reader is operable to authorize access via the accesspoint when an appropriate credential is brought within proximity of theRFID reader, the RFID reader update may render the credentialunauthorized. In other cases, the RFID reader update renders thecredential authorized. In yet other cases, the RFID reader updaterenders the RFID reader able to receive information from a credential ata new frequency.

Yet other embodiments of the present invention provide RFID readerupdate systems. Such systems include a server, an RFID reader, and aportable update device. The server is operable to provide an RFID readerupdate via a communication network. The RFID reader has an nfcinterface. The portable update device is operable to receive the RFIDreader update via the communication network, and to transfer the RFIDreader update to the RFID reader via the nfc interface. In particularinstances of the aforementioned embodiments, the nfc interface operatesat 13.56 MHz. In some instances of the aforementioned embodiments, theportable update device is a cellular telephone, and wherein the RFIDreader update is received via the communication network via a cellulartelephone interface. In some cases, the RFID reader is implemented aspart of a point of sale device, while in other cases, the RFID reader isused to control access to a location.

In various instances of the aforementioned embodiments, the RFID readerupdate causes a change in an authorization code of the RFID reader. Insome cases, the RFID reader is associated with an access point. In suchcases, by authorizing a credential to the RFID reader the access pointis opened. In various instances of the aforementioned embodiments, theRFID reader includes a processor. In such instances, the RFID readerupdate may include instructions executable by the processor to modifythe function performed by the RFID reader. In a particular case, theportable update device transmits authorization information at a firstfrequency, and the RFID reader is operable to receive authorizationinformation at a second frequency. The RFID reader update renders theRFID reader able to receive authorization information at the firstfrequency.

In another construction, a credential reader update system includes aserver operable to provide a credential reader update via a cellulartelephone interface, and a plurality of credential readers. Eachcredential reader is operable to communicate with a presented credentialat a credential reader frequency, wherein each credential reader has acredential reader interface having a credential reader interface range.A portable update device is selectively movable into and out of thecredential reader interface range, wherein the portable update device isoperable to receive the credential reader update via the cellulartelephone interface. A credential reader update application is includedin the portable update device, and is operable to uniquely identify theparticular credential reader to be updated. The portable update deviceis operable to transfer the credential reader update to the credentialreader via the credential reader interface, and wherein the credentialreader update includes firmware instructions that cause the credentialreader to perform communications with the presented credential at asecond frequency different than the credential reader frequency.

In another construction, a method for updating a credential reader thatis operable to read a presented credential at a credential readerfrequency includes transferring a credential reader update to a portableupdate device via a cellular telephone interface, the portable updatedevice movable into and out of a credential reader interface range,detecting the portable update device within the credential readerinterface range of the credential reader, and determining if thecredential reader is a particular credential reader that is to beupdated. The method also includes transferring the credential readerupdate to the credential reader via the credential reader interface inresponse to a positive determination that the credential reader is theparticular credential reader that is to be updated, wherein thecredential reader operates consistent with the credential reader update,and wherein the credential reader update includes firmware instructionsthat cause the credential reader to perform communications with thepresented credential at a second frequency in addition to the credentialreader frequency.

In another construction, a remote access system includes a credentialreader, a credential having a first communication interface thatcommunicates using a cellular telephone network and a secondcommunication interface that is different than the first communicationinterface, the credential operable to receive authorization informationand to communicate with the credential reader, and a server operable toreceive an authorization request for the credential and to access thecredential to provide the authorization information. A portable deviceis operable to send the authorization request to the server from thecredential, and a reader authorization application is included in thecredential, wherein the credential is operable to transfer anauthorization code to the credential reader via the second communicationinterface that is different than the first communication interface,wherein the portable device is separate from the credential.

In yet another construction, a method for remotely authorizing accessincludes transferring a request for access from a credential to aportable device which is separate from the credential, determining agrant of access, sending an authorization request from the portabledevice to a server, the authorization request identifying the grant ofaccess, and uploading authorization information for a credential readerto the credential. The method also includes initiating a communicationwith a credential reader interface in response to positioning thecredential within a credential reader interface range of the credentialreader, requesting authorization information from the credential, andtransferring the authorization information from the credential to thecredential reader via the credential reader interface.

This summary provides only a general outline of some embodimentsaccording to the present invention. Many other objects, features,advantages and other embodiments of the present invention will becomemore fully apparent from the following detailed description, theappended claims and the accompanying drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

A further understanding of the various embodiments of the presentinvention may be realized by reference to the figures which aredescribed in remaining portions of the specification. In the figures,like reference numerals are used throughout several drawings to refer tosimilar components. In some instances, a sub-label consisting of a lowercase letter is associated with a reference numeral to denote one ofmultiple similar components. When reference is made to a referencenumeral without specification to an existing sub-label, it is intendedto refer to all such multiple similar components.

FIG. 1a depicts a cellular telephone including an RFID reader updatemodule capable of updating an RFID reader via a near field communicationprotocol in accordance with various embodiments of the presentinvention;

FIG. 1b depicts an RFID reader including a cellular telephone interfacein accordance with some embodiments of the present invention;

FIG. 2 shows a system for facilitating RFID reader updating using aportable update device in accordance with one or more embodiments of thepresent invention;

FIG. 3 depicts a system for facilitating direct RFID reader updatingusing an RFID reader incorporating a cellular telephone link inaccordance with some embodiments of the present invention;

FIG. 4 depicts a system for facilitating direct RFID reader updatingusing an ultra wideband link in accordance with various embodiments ofthe present invention;

FIG. 5 is a flow diagram showing a method in accordance with one or moreembodiments of the present invention for performing an RFID readerupdate;

FIG. 6 shows a system in accordance with some embodiments of the presentinvention for performing a credential update;

FIG. 7 is a flow diagram showing a method in accordance with one or moreembodiments of the present invention for remotely updating credentials;

FIG. 8 shows a system in accordance with various embodiments of thepresent invention for performing a remote authorization of guest access;

FIG. 9 is a flow diagram showing a method in accordance with one or moreembodiments of the present invention for remote authorization of guestaccess;

FIG. 10 depicts a system in accordance with some embodiments of thepresent invention for providing access security;

FIG. 11 is a flow diagram showing a method in accordance with one ormore embodiments of the present invention for emergency location accessauthorization; and

FIG. 12 is a flow diagram showing a method in accordance with someembodiments of the present invention for multi-part credential updating.

DETAILED DESCRIPTION

The present invention is related to radio frequency identification(RFID) readers, and more particularly, to systems and methods forupdating an RFID reader using a mobile credential.

Some embodiments of the present invention provide systems and methodsfor updating an RFID reader. As used herein, the phrase “RFID reader” isused in its broadest sense to mean any device that is capable wirelessinteraction with a credential, and upon recognizing or authorizing thecredential, a particular function is implemented. Such a function maybe, but is not limited to, performing a payment or value transfer froman individual associated with the credential or allowing access via anaccess point associated with the RFID reader. The performed functionand/or access to the performed function may be modified by providing anRFID reader update to the RFID reader. As used herein, the phrase “RFIDreader update” is used in its broadest sense to mean any modificationthat operates to change the functionality of the RFID reader. As justone example, an RFID reader update may be a set of firmware or softwareinstructions written to the memory of the RFID reader that cause achange in functionality of the RFID reader. The change in functionalitymay be, but is not limited to, a change in authorization codes acceptedby the RFID reader or a change in the function of the RFID reader uponsuccessfully authorizing a credential. Based upon the disclosureprovided herein, one of ordinary skill in the art will recognize avariety of RFID reader updates that may be used in relation to differentembodiments of the present invention.

As used herein, the term “credential” is used in its broadest sense tomean any portable device that includes information useful in completingan access and/or transaction. Thus, for example, a credential may be asmart card with information allowing a user of the credential to passthrough an access point. Such credentials may be, but are not limitedto, access control cards, smart cards, cellular telephones, personaldigital assistants, and/or the like. Such credentials may be capable ofcommunicating via a wireless communication interface. The wirelesscommunication interface may be, but is not limited to, a radio frequencyinterface, an optical interface, or the like. Based upon the disclosureprovided herein, one of ordinary skill in the art will recognize avariety of credentials and mechanisms for facilitating communicationwith RFID readers that may be used in relation to different embodimentsof the present invention.

As an example, a method for updating an RFID reader is disclosed thatincludes transferring an RFID reader update to a portable update devicevia a wireless communication link. The portable update device is movedwithin proximity of the RFID reader that detects the presence of theportable update device. The RFID reader update is transferred to theRFID reader. The RFID reader update modifies operation of the RFIDreader. As used herein, the phrase “portable update device” is used inits broadest sense to mean any portable device that is capable ofinteracting with an RFID reader. As defined herein, credentials may beused as portable update devices. Based upon the disclosure providedherein, one of ordinary skill in the art will recognize a variety ofportable update devices that may be used in relation to differentembodiments of the present invention.

In some cases, the portable update device is a cellular telephone thatsupports near field communication. In some such instances, the nearfield communication is used to transfer the RFID reader update to theRFID reader using a programming frequency and protocol recognized by theRFID reader. As used herein, the phrase “near field communication” or“nfc” (without capitalized letters) is used in its broadest sense tomean any wireless communication protocol that allows for two devicesdisposed close together to transfer information. As just one example,near field communication may be Near Field Communication or NFC (withcapitalized letters). Such Near Field Communication may be, for example,compliant with either Near Field Communication Interface and Protocol-1(ISO/IEC 18092/ECMA-340) or Protocol-2 (ISO/IEC 21481/ECMA-352). Asspecified, Near Field Communication operates at 13.56 MHz and transfersdata at up to 424 Kbits/second. Near Field Communication provides theability to both read and write between devices that are within tencentimeters of each other. The data transfer is effectuated via magneticfield induction where two loop antennas are located within one another'snear field, effectively forming an air-core transformer. Near FieldCommunication commonly operates in either a passive communication modeor an active communication mode. In the passive communication mode, theinitiating device provides a carrier field and the target device answersby modulating existing field. In this mode, the target device may drawits operating power from an electromagnetic field provided by theinitiating device, thus eliminating the need for an internal powersupply. In the active communication mode, both the initiating device andthe target device communicate by alternately generating their ownelectromagnetic field. A receiving device deactivates its RF field whileit is waiting for data from the other device. In this mode, both deviceswould typically have some access to a power source independent of theother device. As another example, near field communication may be acommunication protocol consistent with the ISO 14443 proximity-cardstandard. Based on the disclosure provided herein, one of ordinary skillin the art will recognize a variety of near field communicationprotocols, techniques and/or frequencies that may be used in relation todifferent embodiments of the present invention.

Turning to FIG. 1a , a block diagram of a cellular telephone 100 isshown. Cellular telephone 100 includes a cellular telephone interface114, a processor 116, a web browser application 118, an RFID readerupdate application 120, and an nfc interface 122. Cellular telephoneinterface 114 is capable of receiving and transmitting information via acellular telephone link. Cellular telephone interface 114 may be anycellular telephone interface known in the art. Any received informationis provided to a processor 116. Similarly, processor 116 providesinformation that is to be transmitted to cellular telephone interface114. Processor 116 may be any device capable of executing software orfirmware instructions to cause cellular telephone 100 to perform definedfunctions. A memory 112 is included that is capable of storinginformation that is to be used by cellular telephone 100. In some cases,memory 112 stores software or firmware instructions executable byprocessor 116 to perform defined functions. Memory 112 may be any devicecapable of storing data. For example, memory may be an SRAM, a DRAM, aFlash DRAM, an EPROM, EEPROM, and/or the like. Based on the disclosureprovided herein, one of ordinary skill in the art will recognize avariety of memory types and/or combinations thereof that may be used toimplement memory 112. Web browser application 118 allows for searchingthe Internet via cellular telephone interface 114 as is known in theart.

RFID reader update application 120 is capable of providing an RFIDreader update in a format that nfc interface 122 is capable oftransmitting to an RFID reader via a near field communication link. Ingeneral, the RFID reader update includes a first set of instructionsoperable to uniquely identify the particular RFID reader that is to beupdated. A second set of instructions are included that are operable tocause an RFID reader to write subsequent information to a definedlocation in the memory of the RFID reader. The RFID reader update alsoincludes subsequent data that, in accordance with the preceding writeinstructions, is written to the defined location in the RFID readermemory. This subsequent information may be either data or firmwareinstructions designed to modify operation of the RFID reader. Thesubsequent data may include, for example, replacement or additionalauthorization codes. As another example, the subsequent data may includefirmware instructions causing the RFID reader to perform communicationswith presented credentials at additional frequencies. Based on thedisclosure provided herein, one of ordinary skill in the art willrecognize a variety of data and/or firmware instructions that may beprepared for writing by RFID reader update application 120. The RFIDreader update may also include a final set of instructions closing offcommunication. The nfc interface 122 may be any interface known in theart that is capable of carrying out near field communications with anRFID reader.

In operation, cellular telephone 100 receives an RFID reader update viacellular telephone interface 114. Processor 116 stores the RFID readerupdate to memory 112. When cellular telephone 100 is brought withinproximity of an RFID reader, attempts to communicate with the RFIDreader is performed via nfc interface 122. Once nfc communications areestablished with the RFID reader, the RFID reader update application 120requests identification information from the RFID reader. Where theidentification information corresponds to the RFID reader update to beprogrammed, the RFID reader update is pulled from memory 112 by RFIDreader update application 120 and transmitted to the RFID reader via nfcinterface 122.

Turning to FIG. 1b , an RFID reader 150 including a cellular telephoneinterface 178 is shown in accordance with some embodiments of thepresent invention. In particular, RFID reader 150 includes an RFIDinterface 172, a processor 174, firmware memory 176, and an RFID readerfunction 180. Cellular telephone interface 178 may be any cellulartelephone interface known in the art that provides at least forreceiving information via a cellular network. RFID interface 172 may beany interface known in the art that allows for receiving wirelesscommunications at an RFID reader. RFID reader function 180 is a controlcircuit that effectuates the function that is to be performed by RFIDreader 150. Thus, for example, where RFID reader 150 is used toauthorize access via an access point such as a physical doorway, RFIDreader function 180 provides an electronic unlock signal to a lockcontrolling access via the doorway when an authorized credential isbrought within proximity of the RFID reader. Based upon the disclosureprovided herein, one of ordinary skill in the art will recognize avariety of functions that may be implemented by RFID reader function180. Firmware memory 176 stores instructions executable by processor174. Firmware memory 176 may be any device capable of storing data. Forexample, memory may be an SRAM, a DRAM, a Flash DRAM, an EPROM, EEPROM,and/or the like. Based on the disclosure provided herein, one ofordinary skill in the art will recognize a variety of memory typesand/or combinations thereof that may be used to implement memory 176.

Turning to FIG. 2, an RFID reader update system 200 is shown inaccordance with one or more embodiments of the present invention. RFIDreader update system 200 includes a cellular telephone 200 that iscommunicably coupled to a server 250 via a communication network 240. Inone implementation, communication network 240 includes a cellulartelephone network. Server 250 provides a remote control that is capableof uploading information to cellular telephone 200. This uploadedinformation may then be downloaded to an RFID reader 270 once cellulartelephone 200 is brought within a communicable proximity of RFID reader270. RFID reader 270 includes an RFID interface 272, a processor 274 andfirmware memory 276. RFID device 270 operates similar to that describedin relation to RFID reader 150, except that there is no cellulartelephone interface.

In operation, a command to update RFID reader 270 along with an RFIDreader update is sent from server 250 to cellular telephone 200 viacommunication network 240. In some cases, the command to update RFIDreader 270 is sent as a text message to cellular telephone 200 that mayinclude, for example, instructions on where the target RFID reader(s) islocated. In addition to the text message, an RFID reader update is sentto cellular telephone 200. In yet other cases, web browser application118 of cellular telephone 200 may be used to request an RFID readerupdate from server 250. The received RFID reader update is directed byprocessor 116 to memory 112. Cellular telephone 200 is then moved withinproximity of RFID reader 270. When cellular telephone 200 is withincommunicable proximity of RFID reader 270, RFID reader 270 and cellulartelephone 200 begin a communication session using nfc interface 122 asis known in the art. The nfc interface 122 indicates the ongoingcommunication session to RFID reader update application 120, and inresponse, RFID reader update application 120 accesses the previouslyreceived RFID reader update from memory 112 and provides the RFID readerupdate to RFID reader 270 via nfc interface 122. As an example, the RFIDreader update may include, but is not limited to, a first set ofinstructions that are operable to cause an RFID reader to writesubsequent information to a defined location in the memory of the RFIDreader. The RFID reader update also includes subsequent data that, inaccordance with the preceding write instructions, is written to thedefined location in the RFID reader memory. This subsequent informationmay be either data or firmware instructions designed to modify operationof the RFID reader. The RFID reader update finishes with a set ofinstructions closing off communication. Upon writing the RFID readerupdate to RFID reader 270, the operation of RFID reader 270 is changedto conform to the update.

Turning to FIG. 3, an RFID reader update system 300 facilitating directRFID reader updating using a cellular telephone link is shown inaccordance with one or more embodiments of the present invention. RFIDreader update system 300 includes a server 350 that is communicablycoupled to one or more RFID readers 370 via a communication network 340.Similar to RFID reader 150, RFID readers 370 each include a cellulartelephone interface 178 capable of receiving cellular telephonecommunications via communication network 340. Each of RFID readers 370is further capable of authorizing one or more credentials 305 via RFIDreader interface 172 that are brought within communicable proximity ofthe particular RFID reader 370.

In operation, an RFID reader update is sent from server 350 to aselected one of RFID readers 370 or to a group of RFID readers 370 viacellular telephone interfaces 178 that are included in each of thereaders. The RFID reader update may include, for example, instructionson where in firmware memory 176 to write the update and the actualupdate. Once received, via cellular telephone interface 178, the RFIDreader update is passed to processor 174. In turn, processor 174 writesthe received RFID update the appropriate memory locations in firmwarememory 176. Upon writing the RFID reader update to RFID reader(s) 370,the operation of RFID reader(s) 370 is changed to conform to the update.

Turning to FIG. 4, an RFID reader update system 400 for facilitatingdirect RFID reader updating using an ultra wideband link is shown inaccordance with various embodiments of the present invention. As shown,RFID reader update system 400 includes a server 450 that is communicablycoupled to one or more RFID readers 460 via an ultra wideband hub 420.Ultra wideband hub 420 is capable of communicating with RFID reader 460,along with various other ultra wideband devices 440. Ultra wideband hub420 includes an ultra wideband transmitter 430 that transmits variousinformation to one or more devices capable of ultra widebandcommunications. As noted above, one of the devices is RFID reader 460that includes an ultra wideband capable RFID interface 462. In somecases, RFID interface 462 is capable of receiving standard RFIDcommunications along with ultra wideband communications using the samecircuitry. RFID reader 460 further includes a processor 464, a firmwarememory 466, and an RFID function 480. RFID function 480 is a controlcircuit that effectuates the function that is to be performed by RFIDreader 460. Thus, for example, where RFID reader 460 is used toauthorize access via a physical doorway, RFID reader function 480provides an electronic unlock signal to a lock controlling access viathe doorway when an authorized credential is brought within proximity ofthe RFID reader. Based upon the disclosure provided herein, one ofordinary skill in the art will recognize a variety of functions that maybe implemented by RFID reader function 480.

In operation, an RFID reader update is sent from server 450 to RFIDreader 460 via ultra wideband hub 420. The ultra wideband communicationincluding the RFID reader update is received by ultra wideband capableRFID interface 462 and passed to processor 464. The RFID reader updatemay include, for example, instructions on where in firmware memory 176to write the update and the actual update. Processor 464 writes theupdate to the appropriate location in firmware memory 466. Upon writingthe RFID reader update to RFID reader 460, the operation of RFID reader460 is changed to conform to the update.

Turning to FIG. 5, a flow diagram 500 depicts a method in accordancewith one or more embodiments of the present invention for performing anRFID reader update. Following flow diagram 500, it is determined whetheran RFID reader update is available (block 505). This may include, forexample, identifying a new RFID reader update in a server supporting theupdate system. In some cases, determining that a new RFID reader updateis available includes modifying an existing RFID reader program andidentifying the program as an update. In various cases, identifying anew update may be initiated remotely by a technician using a cellulartelephone to request a new update. It is then determined whether adirect update capability exists (block 510). Direct update capabilityprovides an ability to communicate directly with an RFID reader via acommunication network. Such direct update capability may be, forexample, facilitated by a cellular telephone interface integrated intothe RFID reader that is to be updated. As another example, directupdates may be facilitated by ultra wideband communication. Based uponthe disclosure provided herein, one of ordinary skill in the art willrecognize a variety of direct update approaches that may be used inrelation to different embodiments of the present invention.

Where direct update capability exists (block 510), the RFID readerupdate is transferred to the identified RFID reader via the directupdate interface (block 520). The transferred RFID reader update mayinclude an initial set of instructions that are operable to cause anRFID reader to write subsequent information to a defined location in thememory of the RFID reader. The RFID reader update also includessubsequent data that, in accordance with the preceding writeinstructions, is written to the defined location in the RFID readermemory. This subsequent information may be either data or firmwareinstructions designed to modify operation of the RFID reader. Thesubsequent data may include, for example, replacement or additionalauthorization codes. As another example, the subsequent data may includefirmware instructions causing the RFID reader to perform communicationswith presented credentials at additional frequencies. The RFID readerupdate may also include a final set of instructions closing offcommunication. Once the RFID reader update is transferred, thefunctionality of the receiving RFID reader is modified in accordancewith the update.

Alternatively, where direct update capability does not exist (block510), a portable update device is selected to perform the update (block515). This may include, for example, selecting the cellular telephone ofa technician in the general area of the RFID reader that is to beupdated. As another example, where a request for an update is receivedfrom a technician, the cellular telephone of the technician may bechosen to perform the update. Once the portable update device isidentified, the RFID reader update is transferred to the identifiedportable update device (block 540). This may include, for example,providing the RFID reader update to an identified cellular telephone viaa cell communication link. The RFID reader update may indicate aparticular RFID reader or class of RFID readers to which the RFID readerupdate is to be applied. In addition, a text message may be sent to theportable update device providing instructions for uploading the RFIDreader update to an RFID reader. The portable update device is thenmoved within communicable distance of an RFID reader (block 525). Bybringing the portable update device within communicable distance, an nfccommunication is initiated between the portable update device and theRFID reader.

With communications with the RFID reader established, the portableupdate device pulls the previously received RFID reader update frommemory and transfers it to the RFID reader (block 530). The transferredRFID reader update may include an initial set of instructions that areoperable to cause an RFID reader to write subsequent information to adefined location in the memory of the RFID reader. The RFID readerupdate also includes subsequent data that, in accordance with thepreceding write instructions, is written to the defined location in theRFID reader memory. This subsequent information may be either data orfirmware instructions designed to modify operation of the RFID reader.The subsequent data may include, for example, replacement or additionalauthorization codes. As another example, the subsequent data may includefirmware instructions causing the RFID reader to perform communicationswith presented credentials at additional frequencies. The RFID readerupdate may also include a final set of instructions closing offcommunication. Once the RFID reader update is transferred, thefunctionality of the receiving RFID reader is modified in accordancewith the update.

Turning to FIG. 6, a credential update system 600 is depicted inaccordance with some embodiments of the present invention. Credentialupdate system 600 includes one or more cellular telephones 600 that areeach communicably coupled to a server 650 via a communication network640. In one implementation, communication network 640 includes acellular telephone network. Server 650 is capable of processing requeststo upload new or modified authorization codes to cellular telephone(s)600. In some cases, server 650 may be used to modify access codes tomany cellular telephones 600 as part of upgrading an access controlsystem, or of providing an authorization code to a newly authorizedcredential or of modifying the authorization codes maintained by acurrently authorized credential. The uploaded authorization codes arereceived from server 650 via cellular telephone interface 114. Cellulartelephone interface 114 provides the received authorization code(s) toprocessor 116 that stores the received information to memory 112. Whencellular telephone 600 is brought within communicable distance of anRFID reader 670, an nfc communication is initiated using nfc interface122. Once initiated, nfc interface 122 requests authorizationinformation from an RFID reader authorization application 620. RFIDreader authorization application 620 pulls the uploaded authorizationinformation from memory 112, and provides the authorization informationto nfc interface 122. The authorization information is then provided toRFID interface 272 via the nfc communication channel. Where theauthorization is recognized by RFID reader 670, the function of RFIDreader 670 is triggered. Thus, for example, where RFID reader 670 isassociated with a doorway, once the authorization is accepted, the dooris opened. Based upon the disclosure provided herein, one of ordinaryskill in the art will recognize a variety of RFID functions that may beperformed by RFID reader 670.

FIG. 7 is a flow diagram 700 showing a method in accordance with one ormore embodiments of the present invention for remotely updatingcredentials. Following flow diagram 700, it is determined whether arequest is received to authorize access via a new credential (block705). Such a request may be entered, for example, via a serversupporting a credential update system. Entry into the server may be donedirectly on the server, or remotely by calling in from a cellulartelephone or via the Internet. Based upon the disclosure providedherein, one of ordinary skill in the art will recognize a variety ofapproaches that may be used for requesting new credential access. Wherea request to authorize access via a new credential is received (block705), access information for the new credential is identified (block715). This access information may be, for example, included in thereceived request. As one example, where the credential is embodied in acellular telephone, the access information may include the telephonenumber for the cellular telephone. Once the access information isidentified (block 715), an authorization code(s) corresponding therequested access authorization is transferred to the credential (block720). Where, for example, the credential is a cellular telephone, theauthorization code(s) is received via the cell interface of the cellulartelephone and stored to the memory of the cellular telephone. At thisjuncture, the credential is capable of authorizing to one or more RFIDreaders utilizing the authorization code(s). In addition to transferringthe authorization code(s), the credential is identified on a list ofcredentials capable of accessing particular RFID readers that ismaintained by the server (block 725).

Alternatively, where a request to authorize access via a new credentialis not received (block 705), it is determined whether a request tomodify an authorization code(s) in a currently authorized credential isreceived (block 710). Where such a request is received (block 710),access information for the credential is identified (block 730). Thisaccess information may be, for example, included in the receivedrequest. As one example, where the credential is embodied in a cellulartelephone, the access information may include the telephone number forthe cellular telephone. Once the access information is identified (block730), it is determined whether one or ore authorization codes maintainedby the credential are to be modified or whether one or moreauthorization codes are to be removed or revoked (block 735). Whereexisting authorization codes are to be removed or revoked (block 735),an upload is performed to the credential that operates to delete oroverwrite the previously provided authorization code(s) maintained inthe memory of the credential (block 740). Once this is completed, thecredential is no longer able to authorize to the RFID readers associatedwith the request. Further, the credential is removed from a list ofcredentials capable of accessing particular RFID readers that ismaintained by the server (block 745). Alternatively, where existingauthorization codes are to be modified (block 735), an upload isperformed to the credential that operates to overwrite the previouslyprovided authorization code(s) maintained in the memory of thecredential with the new authorization code(s) (block 750). Once this iscompleted, the credential is able to authorize to the RFID readersassociated with the request using the modified information.

Turning to FIG. 8, a remote authorization, guest access system 800 isdepicted in accordance with some embodiments of the present invention.Remote authorization, guest access system 800 includes one or morecellular telephones 800 that are each communicably coupled to a server850 via a communication network 840. In one implementation,communication network 840 includes a cellular telephone network. Server850 is capable of receiving a request to grant or revoke authorizationfor a given credential, and to implement the request by accessing theidentified credential. As an example, a request to access a location 860may be sent from a guest via their cellular telephone 800 a to acellular telephone 800 b of the owner of location 860. This request maybe received as, for example, an audio conversation or a text message.The owner may then decide to grant the request or not. Where a decisionis made to grant the request, the owner may send an authorizationrequest to server 850 via communication network 840. The authorizationrequest indicates to server 850 that cellular telephone 800 a should beupdated to allow access to location 860.

In response to the authorization request, server 850 uploads anauthorization code(s) for an RFID reader 870 to cellular telephone 800a. The uploaded authorization code(s) are received from server 850 viacellular telephone interface 114. Cellular telephone interface 114provides the received authorization code(s) to processor 116 that storesthe received information to memory 112. When cellular telephone 800 isbrought within communicable distance of RFID reader 870, an nfccommunication is initiated using nfc interface 122. Once initiated, nfcinterface 122 requests authorization information from RFID readerauthorization application 620. RFID reader authorization application 620pulls the uploaded authorization information from memory 112, andprovides the authorization information to nfc interface 122. Theauthorization information is then provided to RFID interface 272 via thenfc communication channel. Where the authorization is recognized by RFIDreader 870, an RFID reader function 880 is triggered. In this case, RFIDreader function 880 operates to grant access to location 860 byunlocking a door where an authorized credential is presented.

Turning to FIG. 9, a flow diagram 900 shows a method in accordance withone or more embodiments of the present invention for remoteauthorization of guest access. Following flow diagram 900, a request foraccess is received (block 905). This may include, for example, receiptof a request from a potential guest to access a particular property. Theguest may be, but is not limited to, a realtor trying to show aproperty, a friend trying to access a residence when the owner is nothome, or a client trying to access a condominium that they have rented.Based upon the disclosure provided herein, one of ordinary skill in theart will recognize a variety of guests that may be granted access to alocation. It should further be noted that while access is beingdiscussed in relation to a property, that access could be granted to,for example, an item. Based on the disclosure provided herein, one ofordinary skill in the art will recognize a variety of properties, itemsand/or operations to which a guest may request access.

The request is provided to an authorized entity or person thatdetermines whether to grant the request (block 910). For example, wherethe request is to access a residence, the request may be sent to theowner of the residence. In some cases, the authorized entity may be acomputer capable of determining whether the requestor should beauthorized. Where the request is accepted by the authorized person orentity (block 910), an authorization request is sent by the authorizingparty to a server supporting a remote authorization, guest access system(block 915). The request may be, for example, in the form of a textmessage to the server that the server is able to automatically parse andauthorize. Alternatively, the authorizing party may use a web browser toaccess the server and authorize the grant of access. A typicalauthorization request includes access information for the credentialthat is to be authorized, a duration of the authorization, andinformation capable of assuring that the party submitting theauthorization request has authority to grant access. Based upon thedisclosure provided herein, one of ordinary skill in the art willrecognize a variety of mechanisms that may be used to provide a requestto grant access to the server supporting a remote authorization, guestaccess system.

Once the request is received at the server (block 920), the serverparses the request to identify access information for the credentialthat is to be authorized (block 925). As one example, where thecredential is embodied in a cellular telephone, the access informationmay include the telephone number for the cellular telephone. Once theaccess information is identified (block 925), an authorization code(s)corresponding the requested access authorization is transferred to thecredential (block 930). Where, for example, the credential is a cellulartelephone, the authorization code(s) is received via the cell interfaceof the cellular telephone and stored to the memory of the cellulartelephone. At this juncture, the credential is capable of authorizing toone or more RFID readers utilizing the authorization code(s). In somecases, transferring the authorization code(s) further includes sending amessage (e.g., voice or text) to both the authorizing party and theguest. In some cases, this may be to the cellular telephones of the twoparties, or to some other designated message area such as a remote emailtool. Then newly authorized credential is identified on a list ofcredentials capable of accessing the RFID reader associated with therequest that is maintained by the server (block 935). Further, where theduration of the authorization is finite, that duration is recorded andmonitored by the server (block 940). As an example, an authorization maybe granted to a guest for a three day period. Based upon the disclosureprovided herein, one of ordinary skill in the art will recognizeappropriate durations depending upon the particular scenario.

As shown in a flow diagram 901, the server continues to monitor theduration of the authorization. When the duration expires (block 951),the server identifies the access information for the credential (block961). The access information is used to access the credential andoverwrite or otherwise revoke the previously provided authorizationcode(s) (block 971). Once the revocation is complete, the credential isno longer capable of authorizing itself to the RFID reader. With thiscomplete, the credential is removed from the server maintained list ofcredentials capable of accessing the RFID reader associated with therequest (block 981).

Turning to FIG. 10, an emergency access security system 1000 is depictedin accordance with various embodiments of the present invention.Emergency access security system 1000 includes one or more cellulartelephones 1095 that are each communicably coupled to a server 10950 viaa communication network 1040. In one implementation, communicationnetwork 1040 includes a cellular telephone network. Server 1050 iscapable of receiving a request to grant or revoke authorization for agiven credential, and to implement the request by accessing theidentified credential. As an example, all of cellular telephones 1095may be held by employees of a company operating at a facility 1090.Access to facility 1090 is controlled by an RFID reader 1080. As such,cellular telephones 1095 are originally capable of authorizing to RFIDreader 1080. An emergency associated with the company or region in whichthe company is operating may be detected. In such a case, it may be thecompany's desire to direct its employees to a safe house 1060. In such acase, server 1050 may upload a text message to each of cellulartelephones 1095 instructing the employee holding that phone to report tosafe house 1060. In addition, server 1050 uploads an authorization codeenabling cellular telephones 1095 as access credentials capable ofauthorization to an RFID reader 1070 controlling access to safe house1060. The authorization code is provided via cellular telephoneinterface 114 and stored to memory 112.

Once the newly enabled cellular telephone 1095 is brought withincommunicable proximity of RFID reader 1070, an nfc communication isinitiated using nfc interface 122. Once initiated, nfc interface 122requests authorization information from an RFID reader authorizationapplication 620. RFID reader authorization application 620 pulls theuploaded authorization information from memory 112, and provides theauthorization information to nfc interface 122. The authorizationinformation is then provided to RFID interface 272 via the nfccommunication channel. Where the authorization is recognized by RFIDreader 1070, access to safe house 1060 is granted by unlocking a doorassociated with RFID reader 1070.

Turning to FIG. 11, a flow diagram 1100 shows a method in accordancewith one or more embodiments of the present invention for emergencylocation access authorization. Following flow diagram 1100, an emergencycondition is identified (block 1105). This may include, for example,identifying a state of emergency in a city where a multi-nationalcompany does business. An access enable request is prepared for anypersonnel that may be affected by the identified emergency condition(block 1110). Such an access enable request may include, for example,directions to a safe house, one or more authorization codes allowingaccess to the safe house, and a list of access information forcredentials held by personnel that may be affected by the emergencysituation. This information is sent to a server supporting an emergencyaccess security system (block 1115).

Once the request is received at the server (block 1120), the serverparses the request to select the first credential in the list (block1125) and to identify access information for that credential (block1130). As an example, where the credential is embodied in a cellulartelephone, the access information may include the telephone number forthe cellular telephone. Once the access information is identified (block1130), an authorization code(s) corresponding the requested accessauthorization is transferred to the credential (block 1135). Where, forexample, the credential is a cellular telephone, the authorizationcode(s) is received via the cell interface of the cellular telephone andstored to the memory of the cellular telephone. At this juncture, thecredential is capable of authorizing to one or more RFID readersutilizing the authorization code(s). In some cases, transferring theauthorization code(s) further includes sending a message (e.g., voice ortext) to the party holding the credential guest. This message mayinclude, for example, instructions on the location of the safe house.The newly authorized credential is identified on a list of credentialscapable of accessing the RFID reader associated with the request that ismaintained by the server (block 1140). It is then determined whetherthere is another credential on the list that remains to be authorized(block 1145). Where there is another credential to be authorized (block1145), the next credential is selected (block 1150) and the processes ofblocks 1130-1140 are repeated for the additional credential.

Turning to FIG. 12, a flow diagram 1200 shows a method in accordancewith some embodiments of the present invention for multi-part credentialupdating. Following flow diagram 1200, a secure access condition isidentified (block 1205). This may include, for example, receiving arequest to access a secure location or secure information by a party. Insome such cases, heightened security is imposed that requires twoauthorized individuals to operate together when accessing the securelocation. In such a case, a multipart access enable is prepared (block1210). The multipart request includes an authorization code that is tobe provided to one credential and another authorization code that is tobe provided to another credential. In addition, the multipart requestmay include a duration associated with the authorization. Only when bothcredentials simultaneously within communicable distance of an RFIDreader will the RFID reader grant access. As such, the RFID readerenforces the two person security. The multipart access enable isprovided to a server supporting a secure access system.

Once the request is received at the server (block 1220), the serverparses the request and selects the first credential (block 1225). Accessinformation for the first credential is identified (block 1230) and thefirst part of the multipart authorization code is provided to theidentified credential (block 1235). As one example, where the firstcredential is embodied in a cellular telephone, the access informationmay include the telephone number for the cellular telephone. Thetransferred authorization code(s) is received via the cell interface ofthe cellular telephone and stored to the memory of the cellulartelephone. At this juncture, the first credential is capable ofauthorizing to one or more RFID readers utilizing the authorizationcode(s) assuming the second credential is simultaneously withincommunicable distance. The second credential is selected (block 1240).Access information for the second credential is identified (block 1245)and the second part of the multipart authorization code is provided tothe identified credential (block 1250). As an example, where the secondcredential is embodied in a cellular telephone, the access informationmay include the telephone number for the cellular telephone. Thetransferred authorization code(s) is received via the cell interface ofthe cellular telephone and stored to the memory of the cellulartelephone. At this juncture, the second credential is capable ofauthorizing to one or more RFID readers utilizing the authorizationcode(s) assuming the first credential is simultaneously withincommunicable distance. The newly authorized credentials are identifiedon a list of credentials capable of accessing the RFID reader associatedwith the request that is maintained by the server (block 1255). Further,where the duration of the authorization is finite, that duration isrecorded and monitored by the server (block 1260).

As shown in a flow diagram 1201, the server continues to monitor theduration of the authorization. When the duration expires (block 1251),the server identifies the access information for the credential (block1261). The access information is used to access the credential andoverwrite or otherwise revoke the previously provided authorizationcode(s) (block 1271). Once the revocation is complete, the credential isno longer capable of authorizing itself to the RFID reader. With thiscomplete, the credential is removed from the server maintained list ofcredentials capable of accessing the RFID reader associated with therequest (block 1281).

In conclusion, the present invention provides novel systems, devices,methods and arrangements for upgrading and/or accessing RFID readers.While detailed descriptions of one or more embodiments of the inventionhave been given above, various alternatives, modifications, andequivalents will be apparent to those skilled in the art without varyingfrom the spirit of the invention. Therefore, the above descriptionshould not be taken as limiting the scope of the invention, which isdefined by the appended claims.

What is claimed is:
 1. A credential reader update system, the systemcomprising: a server operable to provide a credential reader update viaa cellular telephone interface; a plurality of credential readers, eachcredential reader operable to communicate with a presented credential ata credential reader frequency, wherein each credential reader has acredential reader interface having a credential reader interface range;a portable update device selectively movable into and out of thecredential reader interface range, wherein the portable update device isoperable to receive the credential reader update via the cellulartelephone interface; and a credential reader update application includedin the portable update device, the credential reader update applicationoperable to uniquely identify the particular credential reader to beupdated, and wherein the portable update device is operable to transferthe credential reader update to the credential reader via the credentialreader interface, and wherein the credential reader update includesfirmware instructions that cause the credential reader to performcommunications with the presented credential at a second frequencydifferent than the credential reader frequency.
 2. The credential readerupdate system of claim 1, wherein the portable update device is acellular telephone.
 3. The credential reader update system of claim 1,wherein the credential reader interface operates at 13.56 MHz.
 4. Thecredential reader update system of claim 1, wherein the credentialreader update causes a change in an authorization code of the credentialreader.
 5. The credential reader update system of claim 1, wherein thecredential reader is associated with an access point, and wherein byauthorizing a credential to the credential reader the access point isopened.
 6. The credential reader update system of claim 1, wherein thecredential reader includes a processor, and wherein the credentialreader update includes instructions executable by the processor tomodify the function performed by the credential reader.
 7. Thecredential reader update system of claim 1, wherein the portable updatedevice transmits authorization information at a first frequency, whereinthe credential reader is operable to receive authorization informationat the credential reader frequency, and wherein the credential readerupdate renders the credential reader able to receive authorizationinformation at the first frequency.
 8. The credential reader updatesystem of claim 1, wherein the credential reader is implemented as partof a point of sale device.
 9. A method for updating a credential readerthat is operable to read a presented credential at a credential readerfrequency, the method comprising: transferring a credential readerupdate to a portable update device via a cellular telephone interface,the portable update device movable into and out of a credential readerinterface range; detecting the portable update device within thecredential reader interface range of the credential reader; determiningif the credential reader is a particular credential reader that is to beupdated; and transferring the credential reader update to the credentialreader via the credential reader interface in response to a positivedetermination that the credential reader is the particular credentialreader that is to be updated, wherein the credential reader operatesconsistent with the credential reader update, and wherein the credentialreader update includes firmware instructions that cause the credentialreader to perform communications with the presented credential at asecond frequency in addition to the credential reader frequency.
 10. Themethod of claim 9, wherein the credential reader update causes a changein an authorization code of the credential reader.
 11. The method ofclaim 9, wherein the credential reader is associated with an accesspoint, and wherein by authorizing a credential at the credential readerthe access point is opened.
 12. The method of claim 11, wherein thecredential reader update renders the credential unauthorized.
 13. Themethod of claim 11, wherein the credential reader update renders thecredential authorized.
 14. The method of claim 11, wherein thecredential transmits authorization information at a credential readerfrequency, wherein the credential reader is operable to receiveauthorization information at the credential reader frequency, andwherein the credential reader update renders the credential reader ableto receive authorization information at the second frequency.
 15. Themethod of claim 9, wherein the credential reader is implemented as partof a point of sale device.
 16. The method of claim 9, wherein theportable update device is a cellular telephone, and wherein the cellulartelephone supports near field communication.
 17. The method of claim 16,wherein the near field communication are used to transfer the credentialreader update to the credential reader using a programming frequency andprotocol recognized by the credential reader.
 18. A remote access systemcomprising: a credential reader; a credential having a firstcommunication interface that communicates using a cellular telephonenetwork and a second communication interface that is different than thefirst communication interface, the credential operable to receiveauthorization information and to communicate with the credential reader;a server operable to receive an authorization request for the credentialand to access the credential to provide the authorization information; aportable device operable to send the authorization request to the serverfrom the credential; and a reader authorization application included inthe credential, wherein the credential is operable to transfer anauthorization code to the credential reader via the second communicationinterface that is different than the first communication interface,wherein the portable device is separate from the credential.
 19. Theremote access system of claim 18, wherein the credential is a cellulartelephone.
 20. The remote access system of claim 18, wherein the secondcommunication interface operates at 13.56 MHz.
 21. The remote accesssystem of claim 18, wherein the credential reader is associated with anaccess point, and wherein by transferring an authorization code to thecredential reader, access to the access point is granted.
 22. A methodfor remotely authorizing access, the method comprising: transferring arequest for access from a credential to a portable device which isseparate from the credential; determining a grant of access; sending anauthorization request from the portable device to a server, theauthorization request identifying the grant of access; uploadingauthorization information for a credential reader to the credential;initiating a communication with a credential reader interface inresponse to positioning the credential within a credential readerinterface range of the credential reader; requesting authorizationinformation from the credential; and transferring the authorizationinformation from the credential to the credential reader via thecredential reader interface.
 23. The method of claim 22, whereinuploading authorization information includes receiving the authorizationinformation via a cellular telephone interface.
 24. The method of claim22, wherein requesting authorization information from the credentialincludes requesting information from a credential reader authorizationapplication within the credential.
 25. The method of claim 22, furtherincluding transferring the authorization information from a memory ofthe credential to the credential reader via the credential readerinterface.